So much for unified security?

I'm on my way back from a trip to Kansas City and as I approached security, I saw that the guy checking IDs was private security and not TSA like I'd seen at every airport I've been to in awhile. As I walk past the ID checker, I see that every security person was from a private company. Well, it looks like in the government's efforts to standardize security at airports, they left gaping holes. The The Aviation and Transportation Security Act of 2001 (ATSA) left the option open for airports, like Kansas City to use First Line Security. This seems like such a waste as the government spent a lot of money to get away from private, inconsistent security at airports.

While I can't say that I feel more or less secure going through Kansas City, I think that the inconsistency sends a very wrong message to the flying public.

Misguided financial values?

On the news the other night, we saw a story about how the stimulus package is providing jobs for some teenagers. The teenagers get paid $10 to work in different office capacities. In order to qualify, the teenagers must come from families that live below the poverty line. I'm not going to argue the merits of this program. They interviewed a few of the kids in the program and one kid said that he'd use some of the money to help out his mother, but then said that he was going to spend some money on himself to get a new cell phone. First off, is a cell phone necessary for everyone? I don't know and don't have to deal with that, yet. (My 2 year old son plays with our cell phones, but he doesn't have his own plan and doesn't actually make calls.) Second, the kid pulls out his brand new iPhone. Let's do a little math. With Apple's new pricing, the lowest priced iPhone is $99. AT&T puts every iPhone on a minimum $30/month data plan in addition to at least the lowest priced voice plan which is $39.99. Let's also assume that the kid doesn't do any text messaging. For a 2 year contract, that is $70/month * 24 = $1680 + $99 for the initial cost of the phone. I've excluded taxes for this example. So at $10/hour, this kid has to work 180 hours or effectively one month full time to pay for this gadget.

It would seem to me that somewhere kids need to be taught fiscal responsibility and save money for college, a rainy day, or something else. If the parents can't help, maybe it should be a mandatory class in high school. During the summer when I was in college, I worked full time and pretty much saved every penny I earned in order to pay for my half of college (my parents made a deal with me that they'd pay for half of my college and I had to figure out how to pay for the other half). I worked with my father to come up with a budget, put in a few things I wanted to buy including a road bike, and figure out how to pay for everything by working and taking out loans.

I know that I'm quite lucky that my father made me fiscally responsible at a young age (I started saving for retirement when I was 12). Actually, maybe I'm a bit too responsible as I'm always concerned about money when sometimes I don't need to; however, I believe that I'll be able to meet all my financial goals.

Leopard Server Password Reminder

Leopard Server's LDAP implementation allows an administrator to set requirements about user passwords, such as length of password, what characters it must include, how often it must be changed, etc. One major oversight on Apple's part is a facility to inform users that their passwords will expire. Maybe if users login via AFP or using Network Home Directories they'd see a message, but we're using LDAP for authentication from a bunch of other servers. As I didn't want to have to remember to remind people to change their passwords, I came up with a script to handle it for me. I've seen other scripts out their, but they made some assumptions that didn't work for us. Our mail server is on a different machine and usernames don't match email addresses, so my solution had to be robust. The only requirement for my script is that the email address has to be filled in for the LDAP entry. Also you must have some facility for users to change his/her own password. We're using a WebObjects program we found to let users do this.

You'll need to change the LDAP server name and the number of days to send out the reminder; we require password changes every 90 days, so I send the reminder seven days before. This is run via a crontab at midnight (or so) each evening.

I'm not an awk master, but this seems to be working fine

#!/bin/sh
datelogfile=/backups/datechange.log
tmpfile=/tmp/passwordchange.tmp
grep -h "changed" /Library/Logs/PasswordService/ApplePasswordServer.Server.log* | awk '{ test=$1 " " $2 " " $3 " " $4; cmd="date -j -f \"%b %d %Y %H:%M:%S\" \047"test"\047 +%s"; cmd | getline day; close(cmd); {printf day " " $13"\n"}; }' | sed s/}/' '/g >> $datelogfile
sort -r $datelogfile | sort -r -k 2 -k 1 - | uniq -f 1 | sort -r - > $tmpfile
cat $tmpfile > $datelogfile

Linux on a cell phone

Like other geeks, I downloaded the Pre webOS SDK and installed it. While I don't have time (I'm not sure where all my time goes) to actually write code (I'd have to learn Javascript which shouldn't be too hard, but lack of time is the problem), I did want to at least kick the tires.

I didn't quite know what to do with the SDK, but reading the "homebrew" forums over on precentral.net, led me to a program in the SDK called novaterm. I hooked up my Pre, ran novaterm, and then got a big smile on my face. Here I was executing commands on the Pre as root. I was able to use top, uptime, as well as navigate the directories. For most users, this doesn't mean much, but I'm a huge Linux/UNIX fan and have been for years. There are just some things that you can only do on a command line or things that are faster to do with a command line. (Luckily Mac OS X gives me the best of both worlds; the beautiful GUI and a command line interface.)